Posted by CmdrTaco on Monday October 02, 2006 @11:43AM
from the get-in-line dept.

davidwr writes "Is Microsoft unfairly locking anti-virus companies out of Vista? Symantec and McAfee seem to think so and they aren't being very quiet about it, placing a full-page ad in the Financial Times. If you've found the ad online, please post a link."

Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites. Once the host changes significantly the parasite's advantage is gone. Who can say Microsoft is now to blame for not keeping them on the gravy train? It would be true, however, to say that these aftermarket companies are in effect an after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth. If you're a corporate IT officer, would you be comforted to know you only have one place to go for help now, and it's the company which releases extreme high priority bug fixes frequently?

Microsoft was overly optimistic about the true nature of people (they shouldn't as they've proven to be devils themselves), expecting nobody would take advantage of flaws, like giving everyone effectively root on their computers, thus every application, including malicious code. Further, they've been wonderful about hiding the true nature of what's running on your PC. I can see executables, but DLLs, why the hell shouldn't I see those easily? Anything running on my computer should be visible, how else can I tell if there's something there which shouldn't be?

So, once again Microsoft attempts to get it right. Maybe they'll be closer to the mark this time. I don't care. XP was the last operating system I'm ever buying from them and I don't pirate stuff. With Vista promising to be larger than ever, I don't think it's the direction I want to go. As Michael Crichton implied in Jurassic Park, the more complex a system the more likely it is to break down. I don't find the ever-growing Windows OS/Environment comforting. I'm also tired of the technology tax, I just want something to work, to be able to do mundane things and play a few simple games when time affords. Good luck McAfee, Symantec and all the rest, it was overdue. Don't forget to send your stockholders a "Thank You" for all the money they gave you.

Of course, if it all goes tits-up for Vista, Microsoft have nobody else to blame. Doesn't that at least warrant a warm, cozy feeling?

Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites. Once the host changes significantly the parasite's advantage is gone.

This would be true IF Microsoft had removed the need for av/as/s/sf software but it hasn't. All it has done is changed how the software interfaces with the OS in an attempt to make it more secure.

Who can say Microsoft is now to blame for not keeping them on the gravy train?

I can. They *aren't* stopping the need for this software, just making it harder for the competition.

It would be true, however, to say that these aftermarket companies are in effect an after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth. If you're a corporate IT officer, would you be comforted to know you only have one place to go for help now, and it's the company which releases extreme high priority bug fixes frequently?

Fuelled MS's growth in the same way a speed bump helps Ford's growth.

This might be true *IF* Microsoft was releasing fixes when they're needed but as we've seen lately, they still don't.

I see it differently. Microsoft helped create an environment where these things are possible, therefore they should do whatever it takes to fix it, whether it's providing their own anti-virus or making it harder to have a virus to infect in the first place.

I agree with parent. Have we REALLY forgotten our IE/Netscape history so quickly? Microsoft is following their exact same vendor lock-in strategy now as they did then. Integrate the new product with the old and to make matters worse they're doing that instead of 'fixing' the original product (namely windows).

I'll be the first to say that XP was a huge improvement and that worm-spread was much reduced. I'll also say that I'm a developer myself and I understand that saying 'write it securely' is a hell of a

Now maybe I'm mistaken in my understanding that the anti-virus software is part of the default installation and if it is, my argument is admittedly all shot to hell and that Symantec and McAfee are big cry-babies. Given Microsoft's history, however, I doubt it.

An anti virus isn't part of the default installation. It has to be downloaded separately and costs $50 a year.

McAfee and Symantec are big cry babies. Maybe I might agree with them if their products weren't so bad.

I don't think it's a bad thing that Microsoft has made it impractical to charge for a web browser. How is it a bad thing if they make it impractical to charge for anti-virus software?

Good point. And we might generalize it a bit. We often read here that old canard "You get what you pay for". With software, not only is this not generally true; what's more common is that with software, price and quality are typically inversely related.

Microsoft is merely doing its part to maintain this situation. They do i

That analogy makes absolutely no sense. GP was saying that AV software has fueled MS's growth by effectively being the QA dept., providing a much needed service to users of the OS. If your analogy is assumed to be valid, this implies that your analogy states that speedbumps provide a necessary service for users in operation of their vehicle. This is absolutely not the case, and so by reductio ad absurdum, your analogy is not valid. Speedbumps exist to protect those who live in the surrounding neighborhoods and shoppers in parking lots. Now, if GP's statement about AV companies was that they protect users in the same LAN as a Windows box, your analogy would be correct. Sadly (for you), it was not.

Ron O'Brien, senior security consultant with Sophos, told BetaNews. "But from what we have learned in our dialog with Microsoft, which is ongoing, the objection on the part of some vendors is that PatchGuard will prevent access to the kernel, which is that very basic level of the operating system where people feel that they may need to go, in order to provide a total security solution."

Conceivably, if Sophos wanted to provide a "total security solution," given this new set of circumstances, wouldn't it need to understand some of PatchGuard's secrets? Surprisingly, O'Brien told us no. "At this point in time, Sophos does not see the need to be able to access the kernel within the Microsoft operating system," he said.

"If there is a point in time where the kernel becomes the subject of malware being written specifically to it, then I would expect that we would go back to Microsoft and tell them we need to be able to access the kernel. But at this point, it doesn't appear to be necessary."

They *aren't* stopping the need for this software, just making it harder for the competition.

Windows OneCare is not built into Windows Vista and must be bought separately. You can thank Symantec for that. The only thing that is integrated into Vista is Windows Defender, which the AV companies will probably sue MS over, and I can bet that both OneCare and Defender use the same protocol that MS is telling the AV vendors to use.

I think it's better to create a moderately 'insecure' system (What exactly is insecure about the Internet's infrastructure anyway?) than to impose a grand overly complex security scheme on it to find it becomes a hindrance later (20 years later for example).

Take for example e-mail/POP. It certainly has its flaws, but is hugely successful and no one has yet been able to come up with a better system (for example, one that mitigates the spam problem) that doesn't also involve some hefty compromises that would make the whole system less useful to a lot of people (and I don't mean just spammers :P).

Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.

Oh, please. Don't get started with the tired "one of us" rhetoric. By comparison, the Internet as a whole has come to grips with the security need a bit more completely than Microsoft. Microsoft's only trying to get it right in Vista so Windows can go out on an upbeat (since they're already laying off Windows developers and not developing another OS after Vista).

Well the funny thing is that a lot of these security concepts existed prior to Microsoft in the UNIX operating system but Microsoft either decided to deviate from a standard or was ignorant of it. In both cases, they created their own problem and have never chosen to fix it. Maybe Vista is a step towards fixing this but they still have a LONG way to go.

Microsoft has the ability and market position which guarantee to some extent they can re-write their OS every few years and make billions doing it.

Too bad they don't. Microsoft's programmers are paid per line of code, and docked pay for not meeting quota. It's cheaper (for the programmers) to write around old code and hope nobody links to it in the future than it is to dike it out in such a situation: Case and paste is a way of life for the Borg.

Furthermore, Symantec and McAfee produce the "Internet Explorers" of antivirus products. Because their apps are so popular, virus authors target their software specifically, disabling them or even making them a vector for further distribution. Microsoft is doing these companies a big favour by locking them out of the kernel core because one nasty widespread virus could lead to thousands of compromised systems, and ultimately a class-action lawsuit by furious PC owners.

Many viruses back in the DOS days were spread through BBS systems--not through software holes, but because a user wanted some warez or something. That still happens today, with stupid little flash games like "dwarfbowling" or whatever. No matter how many prompts Windows throws at them, people are going to click. But if their antivirus software throws up a warning and says, "THIS IS A VIRUS." many of them stop.

TPM+proper software design is the only way this can be mitigated. I think most people here don't care for that solution.

Depends. If the only way software will run is if MICROSOFT signs it, then no.

I think you're confusing the accuracy of my statement with your own opinions on how things should run and what level of control of your own PC that you're willing to give up.

Two solutions: 1) Only signed code is allowed. User clicks on malware, it's not MS certified to run on Windows, it gets denied. 2) User is allowed to run unsigned code or code which is signed but not verified in any way. User clicks on malware. Malware is in

That's also a measure of the lack of interest for security Microsoft has had for years! Those parasite companies, only living from the weakness of their host, have created a huge market, powerful enough to threaten Microsoft. (Hell, talk about working for the good of the customer here. You imagine a bodyguard pointing its gun at you when you decide to replace the backdoor he was guarding... that's mafia "protection" we, customer, are buying.) I wonder where are the open source/free software when you nee

I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong. Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, they are downloaded with another program. They come in the front door not the back one. There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I wanted. Doesn't matter how secure your OS is, you gave it the permissions it needs.

What virus scanners do is provide a database of known bad code (and check for variants). They are like a bouncer with a list of known criminals. Even if the owner says "Sure, let that guy in," they can check their list and say "Sir, you don't want to do that, he's known to be a bad guy."

Now you are somewhat right that certain kinds of designs make more attacks possible. For example if you have services exposed to the Internet, then a worm can try to get in there without any user intervention. However the fundamental problem of malware is not solvable with any OS I'm currently aware of. Running as a deprivileged user does nothing. Either the malware can just install as the user and wreak havoc on that user's files (which is ultimately what they care about not the OS), or will just ask for escalation, which clueless users tend to grant without thinking, and then do as it wishes.

Unless we move to a trusted architecture, where only signed apps can execute, or we manage to get all users to be highly technically competent, there'll always be a need for virus scanners, at least on the dominant OS. Lock down every other way in all you like, it doesn't matter when you can infect people by sending them an e-mail that says "Hi I send you this file in order to have your advice."

My understanding (and please correct me if I am mistaken) is that worms and viruses infect a system through self-replication without the user's consent. While trojan horses require action on the part of the user. You seem to be confusing trojan horses with viruses. Granted, most so-called "anti-virus" software developed in the last few years also attempts to stop trojan horses.

A worm spreads on its own, by say scanning the network or sending emails to everyone in your address book.

A virus infects other files but doesn't actively spread to other systems. They may use exploits to infect the system but they may simply wait for another idiot to click on the exe they infected. So when Bob gets that floppy from you he may get infected.

Trojans do not self-replicate at all and usually are designed to control a computer or steal data.

So neither trojans nor many viruses would be stopped by a secure OS assuming the user ran them as "root" which most users would do. Worms would also not be stopped if they did not use exploits to spread, for example by sending themselves as emails or IMs.

<snip>
I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong.... There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I wanted. Doesn't matter how secure your OS is, you gave it the permissions it needs.
</snip>

This is why SELinux [nsa.gov] and App Armor [novell.com] exist. With a proper SELinux or App Armor setup you could install Apache as root and all it will be allowed to do is what Apache does normally. So, it would only be allowed to read the /etc/httpd directory and the /var/www directory. It would only be able to write to the /var/log/httpd directory and listen on port 80 and 443. So, this could prevent an exploit in Apache from taking over the rest of your system.

Admittedly this example wouldn't help a desktop user. But, there is no reason why SELinux or App Armor couldn't help a desktop user. One example would be if Firefox was locked down to only allow downloads to the ~/Downloads directory or something like that. Now any hole in firefox would only be able to damage your ~/Downloads directory and presumably your firefox cache directory or something. It wouldn't be able to delete ~/Pictures and ~/Music. The browser example is kind of complicated because it has so many tasks these days. But, the point is that you can prevent a lot of problems by employing some kind of mandatory access control system.

Oh, and it really isn't that hard to use one of these systems either. Yeah, they can be pretty nasty if you really get into it (especially SELinux). But, for a desktop user there really isn't anything to worry about. I use Fedora Core 5 at work and at home and I've kept SELinux enabled on both systems. App Armor is really nice to use for the purposes of locking down a server system in this way. SELinux is more generic but it is much more complex than App Armor.
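
The Apache confinement described in the comment above, written out as an AppArmor profile. This is an added example, not part of the original thread; the binary path, module directory and runtime directory are assumptions chosen to match the /etc/httpd layout the commenter names.

```apparmor
# Added example, not from the thread. Assumed layout: binary at
# /usr/sbin/httpd, modules under /usr/lib{,64}/httpd/modules, PID file and
# runtime state under /run/httpd.
#include <tunables/global>

/usr/sbin/httpd {
  #include <abstractions/base>
  #include <abstractions/nameservice>

  # Needed to bind a port below 1024 and then drop from root to the
  # unprivileged worker account. No other capability is granted, so
  # dac_override, sys_admin and sys_module stay unavailable.
  capability net_bind_service,
  capability setgid,
  capability setuid,

  # TCP sockets only. These rules select address family and socket type;
  # they do not mention port numbers, so the "80 and 443" limit from the
  # comment is not expressed by these two lines.
  network inet stream,
  network inet6 stream,

  # The server binary and its loadable modules: read and map, nothing else.
  /usr/sbin/httpd mr,
  /usr/lib{,64}/httpd/modules/*.so mr,

  # Read-only configuration and content.
  /etc/httpd/ r,
  /etc/httpd/** r,
  /var/www/ r,
  /var/www/** r,

  # Logs can be written but not read back by the confined process.
  /var/log/httpd/ r,
  /var/log/httpd/* w,

  # PID file and runtime state.
  /run/httpd/ rw,
  /run/httpd/** rwk,

  # Everything not listed is refused in enforce mode: no rule covers
  # /home, /root or /etc/shadow, so a compromised worker cannot open them
  # even while running as root.
}
```

Running the profile in complain mode first (`aa-complain`) and reviewing the logged denials shows which additional paths a real installation needs before switching to enforce mode.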

Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, they are downloaded with another program. They come in the front door not the back one.

These are called trojan horses.

Viruses and worms replicate themselves and redistribute through backdoors. Typically "worm" carries connotations of being particularly aggressive and requiring no faults of the user. But I think, originally virus meant little more than self replication, not even necessarily malicious - just that you could be "infected" (hence the term virus). Virus carries connotations of being prolific (even within one host system).

Ones that depend on tricking the user or stupid users are trojan horses.

At least those were the definitions back in the day. The media has done a lot to muddy the waters.

In short (and IMHO):

virus - prolific replication

trojan (horse) - tricks the user

worm - finds its own way in

The problem is many cases of malware combine some or all of these rather than just one of them, and the media flounders without having a short, easily digestible label to slap on them, so they confuse things with generalizations.

I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong. Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, they are downloaded with another program. They come in the front door not the back one. There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I want

Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites.

They're not parasites, they're symbiotes. In a parasitic relationship, only the parasite profits. As you've said yourself, "It would be true, however, to say that these aftermarket companies are in effect an after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth."

IANAM (I am not a mathematician) but I once attended a lecture where the speaker was an expert on Kurt Gödel. He claimed that Gödel's incompleteness theorem can be applied to prove that one cannot make perfect antivirus software. Either it will be too strong (imagine labeling everything a virus) or it will not be strong enough. If, therefore, Microsoft can't prove that their security is perfect then one might argue that competitors should be allowed their crack at it.
I say security in a reasonab

There is nothing wrong with signature-based virus protection. It is very difficult to design systems that can pre-emptively determine good code from bad. Heuristics has a place in security, but it's not as accurate, IMHO, and contending with false positives would be more annoying to home users than paying the nominal fee. For corporations, you have IDS/IPS systems, and they are trying to develop this for the desktop (Host-based IPS or HIPS), but configuring them properly can be extremely difficult, and allo

Exactly! I remember when Norton Utilities for DOS was a set of near-impossible to replace system tools that were undeniably useful to anyone with the inclination to use them.

Now we've got SuperSuite SystemWorks 2007.3 Ultra ++ Premium Platinum Professional Network Edition, and it's great! It loads a piece of shit e-mail scanner that sucks up 24mb of your ram and only works with two e-mail clients (not web based e-mail like most people assume it does!), some sort of 'worm protection' that succeeds only in disallowing you to connect to any remote machine ever, for any reason, you've got their anti-virus protection which incidentally takes about 45mb of ram to sit in the background, double that if it's doing a scan, then you've got the heuristic detection, which is about another 5-10 mb of your ram, you've got the 'Symantec System Center' console, that takes about 10mb of ram just so it can tell you you're running SystemWorks 2007.3 Ultra++ Premium Platinum Professional Network Edition every five minutes in a pop-up window. Then there's Goback, which doesn't work, Ghost Personal 10, which I've yet to get to work properly thanks to its inability to properly clone 'msgina.dll', and an out-dated 'update' to checkdisk that the software doesn't allow you to force a manual run of. Don't even get me started on 'Norton Internet Security' which effectively stops you from transmitting *ANY* data unless the user clicks OK about a thousand times, and also does about 10 or 15 other things to your connection that it will never tell you about that impede normal workgroup/domain traffic. Lovely.

And that's just SystemWorks. Don't forget about how Corporate Antivirus 10 has a nasty penchant for destroying corporate systems (as seen on slashdot here [slashdot.org].)

Maybe I'm just bitter at having to remove all this shit from clients' computers who have bought it and spent their $50 or $100 on this software only to have it completely screw them from top to bottom.

I think that Symantec needs to do one of two things: Either drop out completely, admit that their software is a shadow of what it used to be and that they've lost all ability to write any sort of tight and non-resource hungry code, OR re-write their damn software to be functional and not take an average of 100mb of ram to run. I'm fairly certain that properly written code doesn't need direct kernel access to check whether c:\boot.dat is infected with a virus. 'Course, I'm no programmer, so, I don't know that for fact.

But either way, if they did that, I think their cries would fall on more sympathetic ears.

Once Vista hits the streets in its final incarnation, and the Bad Guys get to working on it, my money is on the premise that third party antivirus solutions to whatever problems that inevitably must arise, will continue to be a necessity.

After all, it's not like we don't already have a pretty good track record to examine, with the folks who are producing Vista, eh?

McAfee and Symantec aren't complaining that MS made their OS really secure, and as such, have nothing left to protect against. What they are complaining about is that MS has made it impossible for any program to run at a low enough level (except MS programs of course) to be able to work effectively as an antivirus/antimalware application. They've made it so that it's impossible for anybody but MS to make a proper virus scanner. Well, they could make a tool that would get down to that level, but it would have to be through some security hole in the code, and MS would most likely patch it to prevent hackers from using it. So I think that Vista will be more insecure than ever, because MS will be the only ones able to provide security tools.

I'm not disagreeing with you, you're bang on, but you raise an interesting point in "MS has made it impossible for any program to run at a low enough level (except MS programs of course)" that I want to expand on. MS doesn't sell open source software. They've never once said "do whatever you want with our OS". They don't provide source code to build your own kernel. So why the big stink by these companies? This is the nature of closed source software platforms. You're at the mercy of their creators. This turn of events for the anti-V companies is EXACTLY the reason why I no longer use or recommend closed source software to my board. Microsoft has ALWAYS owned the key to Symantec's and McAfee's business models. They've just decided to close that door now and these guys will now have to pay the price for the choice of platform they made. This same fate could happen to ANY windows-only software maker. It's the nature of dealing with a platform over which you have zero control.

FTFA: "Microsoft is being completely unrealistic if, by locking security companies out of the kernel (core), it thinks hackers won't crack Vista's kernel. In fact, they already have," the advert in the Financial Times read.

So why aren't McAfee and Symantec hooking their program in through the same cracks the hax0rz are using?

While I agree with you that Microsoft has had the keys forever and that they've never been very encouraging about allowing people to do what they want with Windows, it's a bit different than you detail. It's all about unfair market share. If MS had the market share that Linux or OS X does, then it's all fine and dandy. I'd be the first to tell Symantec and McAfee to stop crying in their beer and go back to work and figure something new out.

Maybe you could point us to this wonderful OS that is totally secure? Keep in mind I don't want to hear about some OS that holds 1% of the market and has never been affected by a virus. That just means no one cares enough to write one for it. You need to show in some way that you have proof no virus could ever compromise this OS you wish us all to use (there is no way IMO to show something is perfectly secure). Oh, on top of that please be sure to demonstrate that this uber-OS functions on a level equal

If anyone is, um, silly enough to run Vista without waiting for at least 6 months after SP2, then they probably are not really concerned about security, compatibility, and reliability anyway. It's pretty standard practice to wait.

Smalltown, US - NAPA says increased quality in GM exhausts unfair.
A representative is quoted saying: "GM is in the business of building cars. There's no reason for them to build quality parts for their cars. It's absolutely unfair that the default exhaust lasts more than 3 weeks without needing a replacement. They're trying to drive us out of business."

I think your comparison would be more accurate if GM made a car that got 5 miles per gallon on gasoline and 50 miles per gallon on 'GM signature gasoline', then told the oil companies that they were just trying to provide their customers with better fuel efficiency.

I think you missed the point of the article. McAfee's biggest gripe wasn't about being put out of business, it was the fact that an agreement held between them and Micro$oft allowing them access to the kernel wasn't being upheld. If you think that Vista is going to be secure, I believe you're mistaken. BTW aren't we still patching IE6? And these same people are going to keep us secure? I think not.

It'd be more along the lines of GM still leaving exhausts that only last 3 weeks on the car, but changing the design enough so that no current aftermarket exhausts can be installed. Also, a special tool that is not available to any aftermarket dealers is required to remove and install the exhaust system.

That would be a fitting analogy! Nobody told Microsoft not to enter the security market, but they are attempting to actively prevent others from being able to compete with their offerin

I'd have to take anything that security solution companies say with a grain of salt. I am sure that most of these companies are a bit perturbed with MS getting into an area that they consider to be traditionally theirs.

The new steps in Vista will make the product more secure. In that, it might also make it harder for these third party programs to be as integrated with it.

A) Release an OS without really beefing up security and watch everything bad about XP and prior releases repeat itself on a larger scale.

B) Release an OS and beef up security and see people who have made a living compensating for your poor coding in the past complain that they can't in the future.

The NAPA analogy is shockingly accurate in my opinion. Like what would happen if all the fast food places discovered a way to make the same fast food, but make it healthier enough that people didn't have to worry about dieting anymore? Who would complain? Diet manufacturers of course...

Why is it that whenever a monopolist abuses their position everyone immediately presents an analogy using a company that does not have a monopoly and calls it the same thing? Here's an analogy that is actually apt. The electric company has a monopoly on local power distribution. For years, third party companies have been selling power converters to get around the low voltage of power delivered by the power company and allow a significant number of app

If they release a new OS with beefed up security by the definition of it being "beefed up" that would mean no need for third party security addons. Actually I believe Vista has a documented API for how they handle security now so Symantec and others can still write security applications. They're just mad because a lot of what they do isn't needed now. So if they do your version C they will still be hated by anti-virus manufacturers.

Sadly, there's no compelling reason for Company A to allow Company B access to the inner workings of their product. It *MAY* be in the consumer's best interests, but it doesn't benefit Company A's bottom line, so the consumer's interests don't matter. Since there's no financial benefit to Company A, and there's no legal reason forcing them to (yet) then the consumer is just SOL.

I don't agree with passing laws to regulate how specific businesses work in most cases, but when there's no way the market (ie, the

Since there's no financial benefit to Company A, and there's no legal reason forcing them to (yet) then the consumer is just SOL.

Actually, the legal reason DOES exist since MS is (in the eyes of the law) a monopoly. They need to play by different rules. Now if companies B1 and B2 go to court, which they probably will when Vista is released, then they can get some relief AFTER THE FACT.

IMHO, MS isn't being smart. They WILL get smacked by the courts again, and since the consent decree is still in effect, it w

While I agree with you, most end users don't have enough clout for that to matter, and the fact is that most users are apathetic enough that you won't convince them to leave MS in any significant number.

It's like me avoiding shopping at Walmart. I like to think that it hurts their bottom line by taking my dollars elsewhere, but I know that in the end it doesn't really matter since there are many, many more that will gladly keep throwing their money at Walmart.

No, as someone else pointed out, the analogy only works if Napa is unable to make parts for other cars. The analogy doesn't work if parts are simply unneeded. To use your fast food reference, it's like saying if you eat at McDonald's you can only exercise by playing in their ball pit, and not anywhere else. MS has not made their OS impenetrable, they've made it impossible to tack on third party tools to protect against the bugs/holes/social-engineering-exploits that will inevitably be there.

Why aren't they attacking OSX as well? I mean it has a built in firewall that is actually semi decent and not many other widely exploited vulnerabilities... Wouldn't that mean that OSX has been for a long time shutting out companies like this?

They're trying, but most of the mud they try to kick up doesn't stick because Mac OS X was designed as a much more forward-thinking system than Windows. At least as importantly, it also isn't saddled with hideous mounds of backwards compatibility issues, which also contribute tremendously to the chinks in Windows' armor. Security on Mac OS has generally been superior to what's existed on Windows/DOS for at least the last fifteen years; the cottage industry providing security for Microsoft's products didn'

My point is that Symantec, McAfee, and various and sundry others can't make the argument that they're being locked out of the MacOS space because they were barely in it to begin with. A specious, shrill argument could be made on their behalf in the Microsoft-owned space because Microsoft has historically been so bad at security that any substantial long-term improvement by the company represents a very real threat to their presently thriving business model. More to the point, such an improvement will make

Just to clarify:
Windows was first designed in the early to mid 80's.
OSX, built on top of BSD, developed in the 70's from UNIX.
ARPANET was designed in the mid 60's to connect the computers of the country (USA) in the event of nuclear war. That's right, people have been connecting computers into networks for some 40 years. Windows just was not designed to be connected to the internet. OSX was designed to never be without the internet.

Add on to that all the media and other functionality that they were all about touting at the last Apple Developers Conference thing... The real answer is that Apple doesn't have enough market share to be worth going after for parasitic money, and doesn't have the lingering specter of anti-trust actions to make it an easy target.

OS X's built-in firewall sucks. And I'm a mac user. Through the interface, click all the security options (and go into Advanced and check stealth mode, etc). Type in 'ipfw show' at the command prompt. Wow! Stealth mode blocks ICMP echo requests! The firewall *still* allows all UDP traffic in, so long as the UDP traffic *comes from* a specific port. In short, the firewall assumes nobody is spoofing packets to get through it, which is retard

Because it's possible to build a different firewall for OSX and use that. It's the same reason why they aren't complaining about Windows XP. Vista has made it impossible (without exploiting a hole that will probably be fixed) to run code at a low enough level such that it can be an effective firewall/virus scanner/anti-malware tool.

The AV and anti-spyware companies don't want you to have a secure experience. I mean, it's like duh etc. I know. But this is ridiculous, if they are a huge corp with mad assets... once the primary "corporate mission" of securing people is accomplished... then DO SOMETHING ELSE. If you have smart engineers as assets, figure out a way to use them!! Are their CEOs this short-sighted? Let me guess, they'll have layoffs of really smart folks and then blame Microsoft instead of doing something else innovative. It's

I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff, I can imagine how that could be a good argument. I mean, Microsoft gaffes aside, any OS as popular as Windows will invite viruses, and not patching and protecting every Windows OS just opens all the others to attacks via trojans and bots.
However, this is a really tough one for the lawyers to argue. If today Messenger is shipped with Windows as a communication tool, then can a virtual VoIP client be shipped tomorrow as an updated communication tool? How about a middle of a road version of SQLServer, with licenses that would fit the needs of small and mid-sized business just fine?
Our anti-trust laws obviously need to be updated. I don't think for a moment that Apple is any better than Microsoft. In some ways, they may be worse. But, how can one stop them when our current anti-trust laws were made for steel and railroad barons?
Are there any other countries that have better ideas of how to approach anti-trust in the digital age? Any examples of how it's been applied successfully?

I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff...

Your use of the word "claim" implies that someone other than them should decide what is, and is not, part of their own product. They wouldn't be "claiming" such a thing, but simply stating it. "Yesterday, our product looked like X, and today, it looks like Y." Other companies that glom onto a freight train like MS and get rich doing so can hardly complain (with a straight face) when that other company's products change shape or purpose. Symantec and McAfee aren't MS's customers, the end users are. If we ever get to the point of killing off most of the spam conduits in the world, we'll probably hear about how the spam-filtering appliance makers are being "unfairly" deprived of a living.

This all derives from the pervasive sense of entitlement that's drenching our culture. McAfee and Symantec know the score, but they're playing this card because they know it will resonate in a courtroom full of modern day jurors, should it come to that. Sleazy, but probably clever in real terms.

If Symantec and McAfee actually made decent products these days, they might have a point. If they actually hired Americans to do most of their development, I might be a tad more sympathetic, but I don't have any sympathy for them. Microsoft has destroyed far more worthwhile publishing companies than those two. Seeing their core business hit doesn't bother me a bit. The truth is their products started sucking a long time ago. I just wish Microsoft would take down Quicken. There's another dynasty that ha

Trend Micro is the only (AFAIK) vendor that is certified to produce an anti-virus product for Vista. [trendbeta.com] Are they being given the keys to the castle while McAfee and Symantec are left out in the cold?

Because in the consumer-grade market, Trend's PC-Cillin is about the only decent product. McAfee and Norton are bogged down with crap left and right, and Trend is slim and trim. Try the consumer-grade stuff out, and you'll see that I'm right. Now, in the corporate sector, SAV and Trend Micro Officescan are gods. McAfee Enterprise is still crap. I'm honestly surprised that they're still in business - guess those OEM deals must make them a lot of money.

Not to mention, Trend has NO issues with being able to disable the Windows Firewall, Windows Defender or anything else. Not to mention it hooks into Security Center with no issues at all. Works perfectly fine. Now Symantec is claiming it CANNOT do all these things. Why is it in a Beta that Trend has no issues with all of the above?

Maybe if Symantec got some real programmers that could read Vista's API and basic documentation, which is available for FREE, they wouldn't be complaining so much.

It's because they've shut the fuck up and updated their product while Symantec has been bitching. MS is not locking out 3rd party virus scanners or 3rd party anything. They know that would get them sued in a hurry. They've just changed the way things work, and you need to update your software accordingly. Vista has all kinds of changes like that. For example PDFcreator no longer works. MS lockout? No, security change. Used to be services could directly interact with the desktop. Well I guess that makes you vulnerable to a certain class of attacks called shatter attacks. I don't know the details of what they are, but at any rate. So Vista changed the model. Now you have to have the service separate and then a program that interacts with the desktop and controls it. An MMC control would work fine, or your own app, whatever. Just a new way (hopefully more secure) of doing things.

This all reminds me of back in the Windows 2000 days with pro audio cards. So Windows 2000 moved to a new driver model for audio called WDM. While it could use NT drivers, you got none of the features, you needed WDM drivers to be fully 2000 compatible. Well the pro audio companies bitched and whined that WDM wasn't suited to pro audio and that nothing would work and so on. Finally they gave in and released WDM drivers and, what do you know, they work great, better than anything before and that's all that's out there now. However they didn't want to change to a new system so they whined.

That's all that's happening here. Companies are being whiny because they don't want to update. I have no sympathy.

Personally, I wouldn't care if both McAfee and Symantec went bankrupt tomorrow. Both feature bloated, buggy software, and Symantec's sales pressure to 'Upgrade' to newer buggier software rather than renewal of the old software is just disgusting. Granted, I don't know if MS could do a better job, given their abysmal track record on security and virus prevention. They love to just leave the barn door open for stuff like that. But they may be able to produce a spyware/virus solution that works better within their systems, better than the monkeys at McAfee and Symantec anyways.

I hope McAfee and Symantec were around pushing for the administration to enforce antitrust back when it might have mattered. It's too late now. This is what you get when a company acquires monopoly power.

I remember when water-cooler talk veered from sports to politics to what word processor you liked. (Remember when there was more than one?)

Anyone remember a program called Lotus 1-2-3?

Oh, and what about Stacker? Why, yes, Microsoft stole Stacker's technology, called it DoubleSpace, and drove Stacker out of business despite Stacker's winning their patent infringement lawsuit.

I haven't heard much about GoBack lately, have you? Wildfile GoBack... I mean Adaptec GoBack... I mean Roxio GoBack... I mean Norton GoBack...

Anyone who believes all this was because Microsoft had superior products lives in a logic-tight compartment.

It's too bad that the administration chose not to pursue antitrust in any meaningful way against Microsoft, but they didn't, and these are the consequences. If Microsoft feels like squashing Symantec and McAfee there's nothing you or I or Symantec or McAfee can do about it. Only the feds have enough power, and possibly even they don't have enough any more.

So, let's all hope Microsoft's antivirus component is pretty good, because whether it is or not, in a few years it's all we're going to have.

Um... so, if the very same company happened to have produced an O/S (let's go back to, say, Win98 or something, doesn't matter), that WAS airtight, and wouldn't be materially helped by third-party A/V products... wouldn't you still be saying the same thing? At what point did the publisher lose the right to make their own product better?

At what point did the government, or third parties via the courts, become the best people to decide what features you think should appear in your new software product? Are you really comfortable with that, as a matter of philosophy? If Vista sucks in new and interesting ways, it will either have problems, or a third party will find a new (if temporary) way to make a truckload of cash. If it doesn't suck, all you've got is less trouble on the desktop, and fewer dart-throwing targets for people that don't like MS (um, including the ones who say they don't like MS because their products are secure... the irony is delicious).

So, let's all hope Microsoft's antivirus component is pretty good, because whether it is or not, in a few years it's all we're going to have.

So what? It's also the only thing that's meaningfully doing all sorts of things in its role as your O/S. If you don't like the collection of computer-operating tools that's called Vista... use something else. It's not MS's obligation to provide a platform for other companies to market particular pieces of the desktop and under-the-hood environment. No more than it's Symantec's obligation to open up their products so that McAfee can make money off of "improving" Symantec's tools with another item you can buy.

If you've used Vista you might have seen the icon for OneCare Live in the Welcome Center. Currently it's only for XP, but clearly it will be ported to Vista as well. Microsoft clearly is going to be able to make their own antivirus product work with Vista. Thus it is going to be possible for other companies to do the same. I don't see what the problem is.

I also recall the security vendors whining that MS made their own Security Center and they can't crack it. Well guess what... let's say I'm a hacker

If you want to play with the big boys you got to play like one. They could fix this situation in less than a week and have Microsoft bending over backwards to help them out.

CEO Symantec: Billy you are pissing me off let me have access to what I want.

Billy: No way we are taking over the playground.

CEO Symantec: Well you are going to let me have access to what I want or else.

Billy: Or else what, I am not scared of you I own the desktop.

CEO Symantec: Ok here is what I am gonna do.

Billy: laughs

CEO Symantec: We are immediately updating all of our desktop software.

Billy: yea so

CEO Symantec: Any time a virus is found on the system it will pop up a message to the user. If it is browser installed malware it will contain the following message "A virus related to your IE installation was quarantined and removed. To eliminate future possible system infections you can go to www.getfirefox.com and download a secure browser which will greatly enhance your web surfing experience".

Billy: I don't much care about IE anyhow we don't even make money on it.

CEO Symantec: Any time a macro virus is found on the system it will pop up a message to the user. "A macro virus has been found on your system and it is possible that your personal data could have been stolen. A better office suite that is even compatible with your current documents and is totally free of charge is available at www.openoffice.org. If you would like this installed press ok and the macro virus will be removed and we will upgrade your system to a better office suite"

Billy: oh crap, please don't do that.

CEO Symantec: Also when it catches a system virus it is gonna point the user to Ubuntu and offer to install it.

Billy: Tell you what we will send over a team of developers and help you fully integrate with our system.

Vista is not released yet; they have plenty of time to create one hell of a lot of problems for MS in a quick hurry, well before it is even released... I am not sure what their current install base is, but I would guess that a 100 million would at least be close.

is a synonym for "someone we haven't figured out how to screw out of their VAR market share yet."

The list of companies that added value to Microsoft OS products, then watched as Microsoft bundled those products into their offerings (often at no cost to the customer), goes back to MS-DOS. Quicken is the only product I've seen Microsoft take a bead at and not knock them into irrelevance. OS/2, Netware, Lotus 123, WordPerfect, AOL, Borland, several desktop database vendors, DEC, FAX drivers, scanner/OCR software, screen savers, and many others made some cash and then faded into the recycle bin. Now Microsoft is stretching into enterprise applications with their piles of money.

If Microsoft had made a secure system in the first place, Symantec and McAfee never would have had a product. Unix based systems are generally quite secure without the need for bloated firewalls / anti-viruses.

There are a lot of businesses that Microsoft doesn't have much reason to enter. I think they should have left web browsers, search engines, media players, instant messengers, etc. to third parties, but I think Microsoft ought to be able to make a secure system. That said, I'm not sure how they're sec

...and Trend Micro has no problems converting their AV suite over to the Vista model. Hmmmm.

Symantec and McAfee are only bitching because their shitty, shitty, shitty products are heavily tied into the old system by way of layer upon layer of cruft, which they don't particularly want to dig through. If Trend can do it, so can they; they just don't want to.

After l'affair SONY rootkit where all of those companies conspired to exploit the end users in default of their clear obligations, I want to see them ALL dragged through the mud. Thoroughly. And stepped on by swine. And sexually assaulted by hogs.

Every single one of those companies took people's money, and then betrayed them. MS, McAfee, and Symantec are only some of the unindicted co-conspirators, of course. But their names are at the head of the list.

I'm no fan of Microsoft, but the major antivirus companies, especially Symantec, have had this coming for a looo-hooong time.

Most virus writers have moved on to even more damaging (trojans, worms) or lucrative (malware) attacks by now, that the major checkers are either too slow to protect against or, in the case of malware, outright refuse to unless the user buys a new product. Meanwhile even Microsoft Word now contains some built-in anti-virus measures, all the major webmail providers have built-in virus scanning, and many new computers don't even HAVE floppy disks.

This is not to discount the dangers of viruses, mind. My dad once took a new computer back to the store because of a virus on it that simulated a memory parity error, and boy was I EVER mad about that. But that was a 486DX running at 66MHz running Windows 3.1, and that was my last personal experience with viruses. They are just not the threat they once were, yet to listen to these guys, you'd think the world was about to explode, constantly, forever.

McAfee was the company that mongered much fear a few years ago about a JPEG virus that was going around. Remember that one? [sfgate.com]

Symantec is so anxious that people continue to subscribe to their highly lucrative virus definition service that they'll use any combination of the words "Urgent" and "Recommended," and red and boldface text attributes, to get people to pony up for another year of protection they probably don't need, and Microsoft themselves is a major contributor to this funding source by including that little Security Center taskbar icon to nag users into putting antivirus software on their machine.

Antivirus software is the kind of thing that should be provided by the OS manufacturer for free, because it makes the OS more secure. Windows could certainly use more of that.

Well Avast! is going to get screwed just like Norton and McAfee. All those free AV products are going to become a lot less useful when they can't detect unauthorized actions on the kernel.

I think a lot of people are missing the point here. Microsoft hasn't "secured" the kernel from attackers. They've simply removed any way for legitimate non-Microsoft software to monitor the kernel. People have already found ways to attack the Vista kernel, and given Microsoft's history with security I don't feel very good about them being my only defense.

I'm a vendor, and I've tried to work with both these antivirus vendors on a number of projects. My customers would pay as much as $1-2K per server for an integrated "name brand" anti virus feature in my product. What I wanted was an API that will let me hand them a file, scan it and tell me exactly what is wrong with it without them needing to write an extra copy to disk. Their brand would be all over our product: a major selling point. No vendor could deliver that, so I ended up implementing a solution